Unwanted Access Rules - VPNs
M
Matthew Dreher
I like this new feature but I think it would be better if we could specify what IP addresses we want to whitelist for specific VPNs, instead of just allowing all "SonicWall VPNs", etc. I also find that there are going to be a lot of issues with Apple's Private Relay stuff. Not sure how to handle those.
M
Moshe Fleischman
%100, we have multiple escealtions where Huntress incorrecly marked a login asa VPN, I would not want to approve the entire VPN.
Yidel Steinfeld
Some of our clients use proxy services (e.g., ProxyBonanza, LanternVPN) for legitimate business purposes. However, whitelisting the entire vendor introduces unnecessary risk, as it allows all traffic from that provider, including potentially malicious or unauthorized access.
Proposed Solution:
-Add support for IP-based exception rules within the "Unwanted Access" settings.
-Allow administrators to specify trusted IPs or IP ranges that should be excluded from triggering alerts, even if they belong to a flagged VPN/proxy provider.
Benefits:
-Reduces false positives without compromising security.
D
Daniel De La Cruz
Totally agree, it would be nice if IP whitelisting was possible, that way you don't whitelist an entire country